• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (c) 2022-2023 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #include <gtest/gtest.h>
17 
18 #include <cstring>
19 #include "securec.h"
20 #include <thread>
21 
22 #include "adaptor_memory.h"
23 #include "adaptor_time.h"
24 #include "token_key.h"
25 #include "user_sign_centre.h"
26 
27 extern "C" {
28     extern bool IsTimeValid(const UserAuthTokenHal *userAuthToken, uint64_t allowableDuration);
29     extern ResultCode UserAuthTokenHmac(UserAuthTokenHal *userAuthToken, HksAuthTokenKey *authTokenKey);
30     extern ResultCode GetTokenDataCipherResult(const TokenDataToEncrypt *data, UserAuthTokenHal *authToken,
31         const HksAuthTokenKey *tokenKey);
32     extern ResultCode DecryptTokenCipher(const UserAuthTokenHal *userAuthToken, UserAuthTokenPlainHal *tokenPlain,
33         HksAuthTokenKey *tokenKey);
34     extern ResultCode CheckUserAuthTokenHmac(const UserAuthTokenHal *userAuthToken, HksAuthTokenKey *tokenKey);
35 }
36 
37 namespace OHOS {
38 namespace UserIam {
39 namespace UserAuth {
40 using namespace testing;
41 using namespace testing::ext;
42 
43 #define DEAULT_CHALLENGE {0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, \
44     1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1}
45 #define DEFAULT_CIPHER {0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, \
46     1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5, 6, 7}
47 #define DEFAULT_TAG {0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5}
48 #define DEFAULT_IV {0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1}
49 #define DEFAULT_SIGN {0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, \
50     1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1}
51 
52 class UserAuthSignTest : public testing::Test {
53 public:
SetUpTestCase()54     static void SetUpTestCase() {};
55 
TearDownTestCase()56     static void TearDownTestCase() {};
57 
SetUp()58     void SetUp() {};
59 
TearDown()60     void TearDown() {};
61 };
62 
63 HWTEST_F(UserAuthSignTest, TestIsTimeValid, TestSize.Level0)
64 {
65     UserAuthTokenHal token = {};
66     token.tokenDataPlain.time = UINT64_MAX;
67     uint64_t allowableDuration = 1;
68     EXPECT_FALSE(IsTimeValid(&token, allowableDuration));
69     token.tokenDataPlain.time = 0;
70     IsTimeValid(&token, allowableDuration);
71     token.tokenDataPlain.time = GetSystemTime();
72     EXPECT_TRUE(IsTimeValid(&token, allowableDuration));
73 }
74 
75 HWTEST_F(UserAuthSignTest, TestUserAuthTokenHmac, TestSize.Level0)
76 {
77     UserAuthTokenHal token = {};
78     HksAuthTokenKey userAuthTokenKey = {};
79     EXPECT_EQ(UserAuthTokenHmac(&token, &userAuthTokenKey), RESULT_SUCCESS);
80 }
81 
82 HWTEST_F(UserAuthSignTest, TestTokenGenerateAndVerify, TestSize.Level0)
83 {
84     constexpr uint32_t testVersion = 1;
85     constexpr uint32_t testAuthTrustLevel = 3;
86     constexpr uint32_t testAuthType = 4;
87     constexpr uint32_t testAuthMode = 5;
88     constexpr uint32_t testSecurityLevel = 6;
89     constexpr int32_t testUserId = 7;
90     constexpr uint64_t testSecureId = 8;
91     constexpr uint64_t testEnrolledId = 9;
92     constexpr uint64_t testCredentialId = 10;
93     UserAuthTokenHal token = {
94         .version = testVersion,
95         .tokenDataPlain = {
96             .challenge = DEAULT_CHALLENGE,
97             .time = GetSystemTime(),
98             .authTrustLevel = testAuthTrustLevel,
99             .authType = testAuthType,
100             .authMode = testAuthMode,
101             .securityLevel = testSecurityLevel,
102         },
103         .tokenDataCipher = DEFAULT_CIPHER,
104         .tag = DEFAULT_TAG,
105         .iv = DEFAULT_IV,
106         .sign = DEFAULT_SIGN,
107     };
108     TokenDataToEncrypt data = {
109         .userId = testUserId,
110         .secureUid = testSecureId,
111         .enrolledId = testEnrolledId,
112         .credentialId = testCredentialId,
113     };
114     HksAuthTokenKey userAuthTokenKey = {};
115     EXPECT_EQ(GetTokenKey(&userAuthTokenKey), RESULT_SUCCESS);
116     EXPECT_EQ(GetTokenDataCipherResult(&data, &token, &userAuthTokenKey), RESULT_SUCCESS);
117     EXPECT_EQ(UserAuthTokenHmac(&token, &userAuthTokenKey), RESULT_SUCCESS);
118     UserAuthTokenPlainHal userAuthTokenPlainHal = {};
119     userAuthTokenPlainHal.tokenDataPlain.time = GetSystemTime();
120     uint64_t allowableDuration = 10 * 60 * 1000;
121     EXPECT_EQ(UserAuthTokenVerify(&token, allowableDuration, &userAuthTokenPlainHal), RESULT_SUCCESS);
122     EXPECT_EQ(memcmp(&(userAuthTokenPlainHal.tokenDataPlain), &(token.tokenDataPlain),
123         sizeof(TokenDataPlain)), 0);
124     EXPECT_EQ(memcmp(&(userAuthTokenPlainHal.tokenDataToEncrypt), &data,
125         sizeof(TokenDataToEncrypt)), 0);
126 }
127 
128 HWTEST_F(UserAuthSignTest, TestDecryptTokenCipher, TestSize.Level0)
129 {
130     UserAuthTokenHal userAuthToken = {};
131     UserAuthTokenPlainHal userAuthTokenPlainHal = {};
132     HksAuthTokenKey userAuthTokenKey = {};
133     EXPECT_EQ(DecryptTokenCipher(&userAuthToken, &userAuthTokenPlainHal, &userAuthTokenKey), RESULT_GENERAL_ERROR);
134 }
135 
136 HWTEST_F(UserAuthSignTest, TestCheckUserAuthTokenHmac, TestSize.Level0)
137 {
138     UserAuthTokenHal userAuthToken = {};
139     HksAuthTokenKey tokenKey = {};
140     EXPECT_EQ(CheckUserAuthTokenHmac(&userAuthToken, &tokenKey), RESULT_BAD_SIGN);
141 }
142 
143 HWTEST_F(UserAuthSignTest, TestUserAuthTokenVerify, TestSize.Level0)
144 {
145     UserAuthTokenHal userAuthToken = {};
146     UserAuthTokenPlainHal userAuthTokenPlainHal = {};
147     HksAuthTokenKey userAuthTokenKey = {};
148     uint64_t allowableDuration = 0;
149     EXPECT_EQ(GetTokenKey(&userAuthTokenKey), RESULT_SUCCESS);
150     EXPECT_EQ(UserAuthTokenVerify(nullptr, allowableDuration, &userAuthTokenPlainHal), RESULT_BAD_PARAM);
151     EXPECT_EQ(UserAuthTokenVerify(&userAuthToken, allowableDuration, nullptr), RESULT_BAD_PARAM);
152     userAuthToken.tokenDataPlain.time = UINT64_MAX;
153     EXPECT_EQ(UserAuthTokenVerify(&userAuthToken, allowableDuration, &userAuthTokenPlainHal), RESULT_TOKEN_TIMEOUT);
154     userAuthToken.tokenDataPlain.time = GetSystemTime();
155     EXPECT_EQ(UserAuthTokenVerify(&userAuthToken, allowableDuration, &userAuthTokenPlainHal), RESULT_VERIFY_TOKEN_FAIL);
156     EXPECT_EQ(UserAuthTokenHmac(&userAuthToken, &userAuthTokenKey), RESULT_SUCCESS);
157 }
158 
159 HWTEST_F(UserAuthSignTest, TestReuseUnlockTokenSign, TestSize.Level0)
160 {
161     UserAuthTokenHal token = {};
162     EXPECT_EQ(ReuseUnlockTokenSign(nullptr), RESULT_BAD_PARAM);
163     EXPECT_EQ(ReuseUnlockTokenSign(&token), RESULT_SUCCESS);
164 }
165 } // namespace UserAuth
166 } // namespace UserIam
167 } // namespace OHOS
168